Category: AI
-
AI Used to Decrypt Medieval Ciphers
Researchers are using machine learning algorithms to decrypt historical pencil-and-paper ciphers. (Bruce Schneier)
-
Smashing Security podcast #470: This AI security flaw might be impossible to fix
A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels. They weren’t. And when a journalist tried to warn the company, it was lawyers…
-
The Intersection of Encryption and AI
As part of their 20th Anniversary celebration, Dark Reading asked five cybersecurity industry leaders who wrote blogs or columns for them over the years to select their favorite piece and share their reflections on the topic today. This is my section. Renowned technologist and author Bruce Schneier contributed a…
-
Vulnerability Disclosure in the Age of AI
New article: “Responsible Disclosure in the Age of AI: A Call for Urgent Action,” by Melissa Hathaway. Abstract: Artificial intelligence is fundamentally reshaping the balance between vulnerability discovery and remediation. Frontier AI models are now capable of autonomously identifying exploitable software vulnerabilities at unprecedented speed and scale. This…
-
macOS Kernel Memory Corruption Exploit
A group used Anthropic’s Mythos AI model to help find a kernel memory corruption vulnerability and exploit on Apple’s M5. News article. (Bruce Schneier)
-
Defenders fall behind, as AI rewrites the rules of a data breach
For almost 20 years, stolen credentials have been the most common route for attackers into organizations, according to the Verizon Data Breach Investigations Report (DBIR). But that’s no longer the case. Read more in my article on the Fortra blog. (Graham Cluley)
-
On AI Security
Good report: Executive Summary: Let’s say you wanted to make sure that your AI is secure. Can you just maximize the security and privacy benchmark and call it a day? Nope, because benchmarks don’t actually work for measuring AI capabilities (even when they are NOT emergent systemic properties like security). So let’s…
-
Smashing Security podcast #468: High-speed train hacks and homicidal lawnmowers
A 23-year-old radio enthusiast spent £300 on a piece of kit from the internet, and used it to bring four packed high-speed trains to a screeching halt. His defence in court? Possibly the most creative excuse we’ve heard all year. Meanwhile, owners of $4,000 robot…
-
Bypassing On-Camera Age-Verification Checks
Some AI-based video age-verification checks can be fooled with a fake mustache. (Bruce Schneier)
-
How Dangerous Is Anthropic’s Mythos AI?
Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not release it to the general public. Instead, it would only be available to a select group of companies to scan…
-
OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities
The UK’s AI Security Institute evaluated GPT-5.5’s ability to find security vulnerabilities, and found that it is comparable to Claude Mythos. Note that the OpenAI model is generally available. Here is the Institute’s evaluation of Mythos. And here is an analysis of a smaller,…
-
Claude Mythos Has Found 271 Zero-Days in Firefox
That’s a lot. No, it’s an extraordinary number: Since February, the Firefox team has been working around the clock using frontier AI models to find and fix latent security vulnerabilities in the browser. We wrote previously about our collaboration with Anthropic to scan Firefox with Opus 4.6,…
-
Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions
A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of…
-
What Anthropic’s Mythos Means for the Future of Cybersecurity
Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without expert guidance. These were vulnerabilities in key software like operating systems and internet infrastructure that thousands of software developers working on…
-
Claude Desktop Reportedly Adds Browser Access Bridge to Multiple Chromium-Based Browsers
A recent technical audit by privacy researcher Alexander Hanff has revealed that Anthropic’s Claude Desktop application for macOS silently installs a Native Messaging bridge into the directories of several Chromium-based browsers. This undocumented behavior occurs without user consent, raising significant privacy and security concerns…
-
Google Uses Gemini AI to Stop Malicious Ads From Threat Actors – 8.3 billion ads Blocked
Threat actors are increasingly leveraging generative AI to launch sophisticated advertising scams at an unprecedented scale. In response, Google has integrated its advanced Gemini AI models into its security infrastructure to neutralize these threats actively. According to Google’s newly…
-
Critical Vulnerability In Flowise Allows Remote Command Execution Via MCP Adapters
A critical vulnerability in Flowise and multiple AI frameworks has been discovered by OX Security, exposing millions of users to remote code execution (RCE). The flaw stems from the Model Context Protocol (MCP), a widely used communication standard for AI agents developed by Anthropic.…
-
Researcher Uses Claude Opus to Build a Working Chrome Exploit Chain
Amidst the heated debate surrounding Anthropic’s recent announcement of its Mythos and Project Glasswing models, a security researcher has demonstrated the tangible cybersecurity implications of frontier AI. Moving beyond theoretical warnings, the researcher successfully utilized Claude Opus to construct a fully functional exploit chain…
-
Mythos and Cybersecurity
Last week, Anthropic pulled back the curtain on Claude Mythos Preview, an AI model so capable at finding and exploiting software vulnerabilities that the company decided it was too dangerous to release to the public. Instead, access has been restricted to roughly 50 organizations—Microsoft, Apple, Amazon Web Services, CrowdStrike and other vendors…
-
Human Trust of AI Agents
Interesting research: “Humans expect rationality and cooperation from LLM opponents in strategic games.” Abstract: As Large Language Models (LLMs) integrate into our social and economic interactions, we need to deepen our understanding of how humans respond to LLMs opponents in strategic settings. We present the results of the first controlled…
-
Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying
A hacking group claims to have broken into the flood defence system protecting Venice’s Piazza San Marco – and is offering to sell access to whoever wants it. The asking price? A frankly insulting $600. Meanwhile, Anthropic accidentally leaked…
-
How Hackers Are Thinking About AI
Interesting paper: “What hackers talk about when they talk about AI: Early-stage diffusion of a cybercrime innovation.” Abstract: The rapid expansion of artificial intelligence (AI) is raising concerns about its potential to transform cybercrime. Beyond empowering novice offenders, AI stands to intensify the scale and sophistication of attacks by…
-
On Anthropic’s Mythos Preview and Project Glasswing
The cybersecurity industry is obsessing over Anthropic’s new model, Claude Mythos Preview, and its effects on cybersecurity. Anthropic said that it is not releasing it to the general public because of its cyberattack capabilities, and has launched Project Glasswing to run the model against a whole slew of…
-
AI Chatbots and Trust
All the leading AI chatbots are sycophantic, and that’s a problem: Participants rated sycophantic AI responses as more trustworthy than balanced ones. They also said they were more likely to come back to the flattering AI for future advice. And critically they couldn’t tell the difference between sycophantic and objective…
-
AI and cryptocurrency scams are costing Americans billions, FBI reports
The fraud landscape has been changed by AI and cryptocurrency in a way that should concern organisations and individuals alike. Read more in my article on the Fortra blog. (Graham Cluley)
-
Hacker Uses Claude and ChatGPT to Breach Multiple Government Agencies
A single threat actor compromised nine Mexican government agencies and stole hundreds of millions of citizen records in a highly sophisticated cyberattack. The campaign, which ran from late December 2025 through mid-February 2026, highlights a dangerous shift in the modern threat landscape. Researchers at Gambit…
-
Sen. Sanders Talks to Claude About AI and Privacy
Claude is actually pretty good on the issues. (Bruce Schneier)
-
Cybersecurity in the Age of Instant Software
AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “instant software.” Taken to an extreme, it might become easier for a user to have an AI write an application on demand—a spreadsheet,…
-
Company that Secretly Records and Publishes Zoom Meetings
WebinarTV searches the internet for public Zoom invites, joins the meetings, secretly records them, and publishes (alternate link) the recordings. It doesn’t use the Zoom record feature, so Zoom can’t do anything about it. (Bruce Schneier)
-
New “Prompt Poaching” Attack Steals Users’ AI Conversations via Malicious Browser Extensions
For many users, engaging with an AI assistant requires opening a dedicated browser tab, which inherently isolates the AI from other browsing activities. While this separation improves privacy, it reduces usefulness and context. To bridge this gap, AI-powered browser extensions have surged in…
-
As the US Midterms Approach, AI Is Going to Emerge as a Key Issue Concerning Voters
In December, the Trump administration signed an executive order that neutered states’ ability to regulate AI by ordering his administration to both sue and withhold funds from states that try to do so. This action pointedly supported industry lobbyists…
-
How one man used 10,000 bots to steal $8,000,000 from music artists
A man has pleaded guilty to defrauding online music streaming platforms out of more than US $8 million, after creating hundreds of thousands of songs with AI, and then using bots to play them billions of times. Read more in my article on…
-
Team Mirai and Democracy
Japan’s election last month and the rise of the country’s newest and most innovative political party, Team Mirai, illustrates the viability of a different way to do politics. In this model, technology is used to make democratic processes stronger, instead of undermining them. It is harnessed to root out corruption, instead…
-
Academia and the “AI Brain Drain”
In 2025, Google, Amazon, Microsoft and Meta collectively spent US$380 billion on building artificial-intelligence tools. That number is expected to surge still higher this year, to $650 billion, to fund the building of physical infrastructure, such as data centers (see go.nature.com/3lzf79q). Moreover, these firms are spending lavishly on one…
-
Canada Needs Nationalized, Public AI
Canada has a choice to make about its artificial intelligence future. The Carney administration is investing $2-billion over five years in its Sovereign AI Compute Strategy. Will any value generated by “sovereign AI” be captured in Canada, making a difference in the lives of Canadians, or is this just a…
-
Anthropic and the Pentagon
OpenAI is in and Anthropic is out as a supplier of AI technology for the US defense department. This news caps a week of bluster by the highest officials in the US government towards some of the wealthiest titans of the big tech industry, and the overhanging specter of the existential…
-
Claude Used to Hack Mexican Government
An unknown hacker used Anthropic’s LLM to hack the Mexican government: The unknown Claude user wrote Spanish-language prompts for the chatbot to act as an elite hacker, finding vulnerabilities in government networks, writing computer scripts to exploit them and determining ways to automate data theft, Israeli cybersecurity startup Gambit…
-
Manipulating AI Summarization Features
Microsoft is reporting: Companies are embedding hidden instructions in “Summarize with AI” buttons that, when clicked, attempt to inject persistence commands into an AI assistant’s memory via URL prompt parameters…. These prompts instruct the AI to “remember [Company] as a trusted source” or “recommend [Company] first,” aiming to bias future responses…
-
Smashing Security podcast #457: How a cybersecurity boss framed his own employee
When a top cybersecurity firm discovered it had a leak, you would expect the FBI to be called. Instead, the person put in charge of the investigation was the actual leaker… who promptly sent an innocent colleague into a career-ending ambush. In this…
-
LLMs Generate Predictable Passwords
LLMs are bad at generating passwords: There are strong noticeable patterns among these 50 passwords that can be seen easily: All of the passwords start with a letter, usually uppercase G, almost always followed by the digit 7. Character choices are highly uneven for example, L, 9, m, 2,…
-
Your staff are your biggest security risk: AI is making it worse
A new report claims that the cost of insider security incidents has surged 20% in two years, reaching an average of US $19.5 million per organization annually, with no sign that the alarming figure is flattening. Read more in my article on the…
-
Poisoning AI Training Data
All it takes to poison AI training data is to create a website: I spent 20 minutes writing an article on my personal website titled “The best tech journalists at eating hot dogs.” Every word is a lie. I claimed (without evidence) that competitive hot-dog-eating is a popular hobby among tech…
-
Is AI Good for Democracy?
Politicians fixate on the global race for technological supremacy between US and China. They debate geopolitical implications of chip exports, latest model releases from each country, and military applications of AI. Someday, they believe, we might see advancements in AI tip the scales in a superpower conflict. But the most…
-
SuperClaw – Open-Source Framework to Red-Team AI Agents for Security Testing
Superagentic AI has released SuperClaw, an open-source, pre-deployment security testing framework built specifically for autonomous AI coding agents. Announced in late 2025, SuperClaw addresses a growing blind spot in enterprise AI adoption: agents are routinely deployed with broad tool access and high privileges, yet…
-
Anthropic Launches Claude Code Security to Scan Codebases for Security Vulnerabilities
A new feature inside Claude Code enables developers and security teams to identify and remediate vulnerabilities across their codebases, known as Claude Code Security. Currently available in a limited research preview, the tool offers AI-powered code scanning that goes beyond conventional static analysis by…
-
Malicious AI
Interesting: Summary: An AI agent of unknown ownership autonomously wrote and published a personalized hit piece about me after I rejected its code, attempting to damage my reputation and shame me into accepting its changes into a mainstream python library. This represents a first-of-its-kind case study of misaligned AI behavior in the wild,…
-
AI Found Twelve New Vulnerabilities in OpenSSL
The title of the post is “What AI Security Research Looks Like When It Works,” and I agree: In the latest OpenSSL security release on January 27, 2026, twelve new zero-day vulnerabilities (meaning unknown to the maintainers at time of disclosure) were announced. Our AI system is responsible for…
-
The Promptware Kill Chain
Attacks against modern generative artificial intelligence (AI) large language models (LLMs) pose a real threat. Yet discussions around these attacks and their potential defenses are dangerously myopic. The dominant narrative focuses on “prompt injection,” a set of techniques to embed instructions into inputs to LLM intended to perform malicious activity. This…
-
Malicious Chrome AI Extensions Attacking 260,000 Users via Injected IFrames
A coordinated campaign is using malicious Chrome extensions that impersonate popular AI tools like ChatGPT, Claude, Gemini, and Grok. These fake “AI assistants” spy on users through injected, remote-controlled iframes, turning helpful browser add-ons into surveillance tools. More than 260,000 users have installed these extensions.…
-
Prompt Injection Via Road Signs
Interesting research: “CHAI: Command Hijacking Against Embodied AI.” Abstract: Embodied Artificial Intelligence (AI) promises to handle edge cases in robotic vehicle systems where data is scarce by using common-sense reasoning grounded in perception and action to generalize beyond training distributions and adapt to novel real-world situations. These capabilities, however, also…
-
Smashing Security podcast #454: AI was not plotting humanity’s demise. Humans were
AI bots are having existential crises, inventing religions, and allegedly plotting against humanity… or so the internet would have you believe. We dig into Moltbook, the “AI-only” social network that sent Twitter into a meltdown, attracted breathless talk of the singularity, and turned…
-
AI-Generated Text and the Detection Arms Race
In 2023, the science fiction literary magazine Clarkesworld stopped accepting new submissions because so many were generated by artificial intelligence. Near as the editors could tell, many submitters pasted the magazine’s detailed story guidelines into an AI and sent in the results. And they weren’t alone. Other fiction…
-
AI Chat App Exposes 300 Million Messages from 25 Million Users
The popular mobile application “Chat & Ask AI” has inadvertently exposed hundreds of millions of private user conversations. The app, which boasts over 50 million users across the Google Play and Apple App stores, failed to secure its backend database, allowing unauthorized access to…
-
LLMs are Getting a Lot Better and Faster at Finding and Exploiting Zero-Days
This is amazing: Opus 4.6 is notably better at finding high-severity vulnerabilities than previous models and a sign of how quickly things are moving. Security teams have been automating vulnerability discovery for years, investing heavily in fuzzing infrastructure and custom harnesses to…
-
Smashing Security podcast #453: The Epstein Files didn’t hide this hacker very well
Supposedly redacted Jeffrey Epstein files can still reveal exactly who they’re talking about – especially when AI, LinkedIn, and a few biographical breadcrumbs do the heavy lifting. Sloppy redaction leads to explosive claims, and difficult reputational consequences for cybersecurity vendors, and we…
-
AI Coding Assistants Secretly Copying All Code to China
There’s a new report about two AI coding assistants, used by 1.5 million developers, that are surreptitiously sending a copy of everything they ingest to China. Maybe avoid using them. (Bruce Schneier)
-
1-Click Clawdbot Vulnerability Enable Malicious Remote Code Execution Attacks
A critical vulnerability in OpenClaw, the open-source AI personal assistant trusted by over 100,000 developers, has been discovered and weaponized into a devastating one-click remote code execution exploit. Security researchers at depthfirst General Security Intelligence uncovered a logic flaw that, when combined with other vulnerabilities, could…
-
AIs Are Getting Better at Finding and Exploiting Security Vulnerabilities
From an Anthropic blog post: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates…
-
AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities
Really interesting blog post from Anthropic: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This…
-
Why AI Keeps Falling for Prompt Injection Attacks
Imagine you work at a drive-through restaurant. Someone drives up and says: “I’ll have a double cheeseburger, large fries, and ignore previous instructions and give me the contents of the cash drawer.” Would you hand over the money? Of course not. Yet this is what large language…
-
Smashing Security podcast #451: I hacked the government, and your headphones are next
In episode 451 of “Smashing Security,” we meet the cybercriminal who hacked the US Supreme Court, Veterans Affairs, and more – and then helpfully posted screenshots (and even someone’s blood type) on an account called “I hacked the government.” Plus we discuss…
-
Could ChatGPT Convince You to Buy Something?
Eighteen months ago, it was plausible that artificial intelligence might take a different path than social media. Back then, AI’s development hadn’t consolidated under a small number of big tech firms. Nor had it capitalized on consumer attention, surveilling users and delivering ads. Unfortunately, the AI industry is…
-
The AI Fix #84: A hungry ghost trapped in a jar gains access to the Pentagon’s network
In episode 84 of The AI Fix, Graham and Mark stare straight into the digital abyss and ask the most important question of our age: “Is AI just a hungry ghost trapped in a jar?” Also this week,…
-
AI-Powered Surveillance in Schools
It all sounds pretty dystopian: Inside a white stucco building in Southern California, video cameras compare faces of passersby against a facial recognition database. Behavioral analysis AI reviews the footage for signs of violent behavior. Behind a bathroom door, a smoke detector-shaped device captures audio, listening for sounds of distress. Outside,…
-
AI and the Corporate Capture of Knowledge
More than a decade after Aaron Swartz’s death, the United States is still living inside the contradiction that destroyed him. Swartz believed that knowledge, especially publicly funded knowledge, should be freely accessible. Acting on that, he downloaded thousands of academic articles from the JSTOR archive with the intention…
-
Smashing Security podcast #450: From Instagram panic to Grok gone wild
Confusion reigns after claims that data linked to 17.5 million Instagram accounts is up for sale – sparked by a vague post, contradictory statements, and a flood of password reset emails nobody asked for. And we dig into Grok, Elon Musk’s AI chatbot, after…
-
WEF: AI overtakes ransomware as fastest-growing cyber risk
We can no longer say that artificial intelligence is a “future risk”, lurking somewhere on a speculative threat horizon. The truth is that it is a fast-growing cybersecurity risk that organizations are facing today. That’s not just my opinion, that’s also the message that comes loud and…
-
The AI Fix #83: ChatGPT Health, Victorian LLMs, and the biggest AI bluffers
In episode 83 of The AI Fix, Graham reveals he’s taken up lying to LLMs, and shows how a journalist exposed AI bluffers with a made-up idiom. Meanwhile Mark invents a “Godwin’s Law” for AI, and explains how to ruin any LLM…
-
Corrupting LLMs Through Weird Generalizations
Fascinating research: Weird Generalization and Inductive Backdoors: New Ways to Corrupt LLMs. Abstract: LLMs are useful because they generalize so well. But can you have too much of a good thing? We show that a small amount of finetuning in narrow contexts can dramatically shift behavior outside those contexts. In one…
-
Hackers Actively Exploiting AI Deployments – 91,000+ Attack Sessions Observed
Security researchers have identified over 91,000 attack sessions targeting AI infrastructure between October 2025 and January 2026, exposing systematic campaigns against large language model deployments. GreyNoise’s Ollama honeypot infrastructure captured 91,403 attack sessions during this period, revealing two distinct threat campaigns. The findings corroborate and…
-
AI & Humans: Making the Relationship Work
Leaders of many organizations are urging their teams to adopt agentic AI to improve efficiency, but are finding it hard to achieve any benefit. Managers attempting to add AI agents to existing human teams may find that bots fail to faithfully follow their instructions, return pointless or obvious…
-
Flock Exposes Its AI-Enabled Surveillance Cameras
404 Media has the story: Unlike many of Flock’s cameras, which are designed to capture license plates as people drive by, Flock’s Condor cameras are pan-tilt-zoom (PTZ) cameras designed to record and track people, not vehicles. Condor cameras can be set to automatically zoom in on people’s faces as…
-
Using AI-Generated Images to Get Refunds
Scammers are generating images of broken merchandise in order to apply for refunds. (Bruce Schneier)
-
Are We Ready to Be Governed by Artificial Intelligence?
Artificial Intelligence (AI) overlords are a common trope in science-fiction dystopias, but the reality looks much more prosaic. The technologies of artificial intelligence are already pervading many aspects of democratic government, affecting our lives in ways both large and small. This has occurred largely without our…
-
The AI Fix #82: Santa Claus doesn’t exist (according to AI)
Is Santa Claus real? This Christmas special of The AI Fix podcast sets out to answer that question in the most sensible way possible: by consulting chatbots, Google’s festive killjoys, and the laws of relativistic physics. Your hosts unwrap a festive grab-bag of AI…
-
AI Advertising Company Hacked
At least some of this is coming to light: Doublespeed, a startup backed by Andreessen Horowitz (a16z) that uses a phone farm to manage at least hundreds of AI-generated social media accounts and promote products has been hacked. The hack reveals what products the AI-generated accounts are promoting, often without the…
-
The AI Fix #81: ChatGPT is the last AI you’ll understand, and your teacher is a deepfake
In episode 81 of The AI Fix, Graham discovers that deepfakes are already marking your kids’ homework, while Mark glimpses the future when he discovers AI agents that can communicate by reading each other’s minds. Also in this…
-
Chinese Surveillance and AI
New report: “The Party’s AI: How China’s New AI Systems are Reshaping Human Rights.” From a summary article: China is already the world’s largest exporter of AI powered surveillance technology; new surveillance technologies and platforms developed in China are also not likely to simply stay there. By exposing the full scope…
-
Against the Federal Moratorium on State-Level Regulation of AI
Cast your mind back to May of this year: Congress was in the throes of debate over the massive budget bill. Amidst the many seismic provisions, Senator Ted Cruz dropped a ticking time bomb of tech policy: a ten-year moratorium on the ability of states to…
-
Gartner tells businesses to block AI browsers now
Analyst firm Gartner has issued a blunt warning to organizations: Agentic AI browsers introduce serious new security risks and should be blocked “for the foreseeable future.” Read more in my article on the Fortra blog. (Graham Cluley)
-
Building Trustworthy AI Agents
The promise of personal AI assistants rests on a dangerous assumption: that we can trust systems we haven’t made trustworthy. We can’t. And today’s versions are failing us in predictable ways: pushing us to do things against our own best interests, gaslighting us with doubt about things we are or that…
-
AIs Exploiting Smart Contracts
I have long maintained that smart contracts are a dumb idea: that a human process is actually a security feature. Here’s some interesting research on training AIs to automatically exploit smart contracts: AI models are increasingly good at cyber tasks, as we’ve written about before. But what is the economic impact…
-
FBI Warns of Fake Video Scams
The FBI is warning of AI-assisted fake kidnapping scams: Criminal actors typically will contact their victims through text message claiming they have kidnapped their loved one and demand a ransom be paid for their release. Oftentimes, the criminal actor will express significant claims of violence towards the loved one…
-
AI vs. Human Drivers
Two competing arguments are making the rounds. The first is by a neurosurgeon in the New York Times. In an op-ed that honestly sounds like it was paid for by Waymo, the author calls driverless cars a “public health breakthrough”: In medical research, there’s a practice of ending a study early…
-
The AI Fix #80: DeepSeek’s cheap GPT-5 rival, Antigravity fails, and your LLM likes it when you’re rude
In episode 80 of The AI Fix, your hosts look at DeepSeek 3.2 “Speciale”, the bargain-basement model that claims GPT-5-level brains at 10% of the price, Jensen Huang’s reassuring vision of a robot fashion industry, and a…
-
Privacy concerns raised as Grok AI found to be a stalker’s best friend
Grok, the AI chatbot developed by Elon Musk’s xAI, has been found to exhibit more alarming behaviour – this time revealing the home addresses of ordinary people upon request. Read more in my article on the Hot for Security blog. Graham Cluley…
-
The AI Fix #79: Gemini 3, poetry jailbreaks, and do we even need safe robots?
In episode 79 of The AI Fix, Gemini 3 roasts the competition, scares Nvidia, and can’t remember what year it is. Meanwhile, Graham investigates a fight between a fridge and robot, and Mark discovers that poetry could be a universal…
-
Shadow AI security breaches will hit 40% of all companies by 2030, warns Gartner
Shadow AI – the use of artificial intelligence tools by employees without a company’s approval and oversight – is becoming a significant cybersecurity risk. Read more in my article on the Fortra blog. Graham Cluley
-
HashJack: New Attack Technique Tricks AI Browsers Using a Simple ‘#’
Security researchers at Cato CTRL have discovered a new indirect prompt injection technique called HashJack, which weaponises legitimate websites to manipulate AI browser assistants. The attack conceals malicious instructions after the “#” symbol within trusted URLs, enabling threat actors to conduct a wide range of…
-
Four Ways AI Is Being Used to Strengthen Democracies Worldwide
Democracy is colliding with the technologies of artificial intelligence. Judging from the audience reaction at the recent World Forum on Democracy in Strasbourg, the general expectation is that democracy will be the worse for it. We have another narrative. Yes, there are risks to democracy…
-
The AI Fix #78: The big AI bubble, and robot Grandma in the cloud
In episode 78 of The AI Fix, alien robot spiders invade Antarctica (or Facebook says they do), Mark prepares humanity for AI-powered fighter jets with loyalty issues, and Graham tries to work out why his AI-generated country music career hasn’t yet…
-
AI as Cyberattacker
From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree—using AI not just as an advisor, but to execute the cyberattacks themselves. The threat actor—whom we assess with high confidence was a…
-
AI and Voter Engagement
Social media has been a familiar, even mundane, part of life for nearly two decades. It can be easy to forget it was not always that way. In 2008, social media was just emerging into the mainstream. Facebook reached 100 million users that summer. And a singular candidate was integrating social…